Synchronet now requires the libarchive development package (e.g. libarchive-dev on Debian-based Linux distros, libarchive.org for more info) to build successfully.

forum.ssjs 7.52 KB
Newer Older
1 2 3 4 5
/*  This script is an interface between HTTP clients and the functions defined
    in web/lib/forum.js.  A basic check for an authenticated, non-guest user
    is done here; otherwise all permission checking is done at the function
    level. */

6
var settings = load('modopts.js', 'web') || { web_directory: '../webv4' };
7 8 9 10

load(settings.web_directory + '/lib/init.js');
load(settings.web_lib + 'auth.js');
load(settings.web_lib + 'forum.js');
11
var request = require({}, settings.web_lib + 'request.js', 'request');
12 13

var reply = {};
14
var replied = false;
15 16

// There must be an API call, and the user must not be a guest or unknown
17
if (request.has_param('call') && (http_request.method === 'GET' || http_request.method === 'POST')) {
18 19 20 21 22 23 24 25

    var handled = false;

    // Authenticated calls
    if (user.number > 0 && user.alias !== settings.guest) {

        handled = true;

26
        switch (http_request.query.call[0].toLowerCase()) {
27

echicken's avatar
echicken committed
28 29
            // Unread message counts for every sub in a group
            case 'get-sub-unread-counts':
30
                if (request.has_param('group') && msg_area.grp_list[http_request.query.group[0]]) {
echicken's avatar
echicken committed
31 32 33 34 35 36 37 38 39
                    reply = getSubUnreadCounts(http_request.query.group[0]);
                }
                break;
            
            // Unread message counts for all groups user has access to
            case 'get-group-unread-counts':
                reply = getGroupUnreadCounts();
                break;

40 41 42 43 44 45 46 47 48 49 50 51 52 53 54
            case 'get-mail-unread-count':
                reply.count = user.stats.mail_waiting;
                break;

            case 'get-mail-body':
                if (typeof http_request.query.number !== 'undefined') {
                    reply = getMailBody(http_request.query.number[0]);
                }
                break;

            case 'get-signature':
                reply.signature = getSignature();
                break;

            case 'post-reply':
55
                if (request.has_params(['sub', 'body', 'pid'])) {
56
                    reply.success = postReply(http_request.query.sub[0], http_request.query.body[0], Number(http_request.query.pid[0]));
57 58 59 60 61 62
                } else {
                    reply.success = false;
                }
                break;

            case 'post':
63
                if (request.has_params(['sub', 'to', 'subject', 'body'])) {
64 65 66 67 68 69 70 71 72 73 74 75
                    reply.success = postNew(
                        http_request.query.sub[0],
                        http_request.query.to[0],
                        http_request.query.subject[0],
                        http_request.query.body[0]
                    );
                } else {
                    reply.success = false;
                }
                break;

            case 'delete-message':
76
                if (request.has_params(['sub', 'number'])) {
77
                    reply.success = deleteMessage(http_request.query.sub[0], http_request.query.number[0]);
78 79 80 81 82 83
                } else {
                    reply.success = false;
                }
                break;

            case 'delete-mail':
84
                if (request.has_param('number')) {
85 86 87 88 89 90 91
                    reply.success = deleteMail(http_request.query.number);
                } else {
                    reply.success = false;
                }
                break;

            case 'set-scan-cfg':
92
                if (request.has_params(['sub', 'cfg'])) {
93
                    reply.success = setScanCfg(http_request.query.sub[0], http_request.query.cfg[0]);
94 95 96 97 98 99
                } else {
                    reply.success = false;
                }
                break;

            case 'vote':
100
                if (request.has_params(['sub', 'id', 'up']) && !(user.security.restrictions&UFLAG_V)) {
101
                    reply.success = voteMessage(http_request.query.sub[0], http_request.query.id[0], http_request.query.up[0]);
102 103 104 105 106 107
                } else {
                    reply.success = false;
                }
                break;

            case 'submit-poll-answers':
108
                if (request.has_params(['sub', 'id', 'answer'])) {
109
                    reply.success = submitPollAnswers(http_request.query.sub[0], http_request.query.id[0], http_request.query.answer[0]);
110 111 112 113
                }
                break;

            case 'submit-poll':
114
                if (request.has_params(['subject', 'sub', 'votes', 'results', 'answer'])) {
115 116 117 118 119 120 121 122 123 124 125
                    reply.success = postPoll(
                        http_request.query.sub[0],
                        http_request.query.subject[0],
                        http_request.query.votes[0],
                        http_request.query.results[0],
                        http_request.query.answer,
                        http_request.query.comment || []
                    );
                }
                break;

echicken's avatar
echicken committed
126 127 128 129 130 131 132 133
            case 'block-sender':
                if (user.is_sysop) {
                    if (http_request.query.from) addTwit(decodeURIComponent(http_request.query.from[0]));
                    if (http_request.query.from_net) addTwit(decodeURIComponent(http_request.query.from_net[0]));
                    reply.err = null;
                }
                break;

134 135 136
            default:
                handled = false;
                break;
137

138
        }
139

140
    }
141

142 143
    // Unauthenticated calls
    if (!handled) {
144

145
        switch(http_request.query.call[0].toLowerCase()) {
146

147
            case 'get-thread-votes':
148 149 150
                if (request.has_params(['sub', 'id'])) {
                    var id = parseInt(request.get_param('id'), 10);
                    if (!isNaN(id)) reply = getVotesInThread(request.get_param('sub'), id);
151 152 153 154
                }
                break;

            case 'get-sub-votes':
155
                if (request.has_param('sub')) reply = getVotesInThreads(request.get_param('sub'));
156 157 158
                break;

            case 'get-poll-results':
159 160
                if (request.has_params(['sub', 'id'])) {
                    reply = getUserPollData(request.get_param('sub'), request.get_param('id'));
161 162 163
                }
                break;

164
            case 'get-thread':
165 166 167 168 169 170
                if (request.has_params(['sub', 'thread'])) {
                    http_reply.header['Content-Type'] = 'text/plain; charset=utf8';
                    getThread(request.get_param('sub'), request.get_param('thread'), function (m) {
                        writeln(JSON.stringify(m));
                    });
                    replied = true;
171 172 173
                }
                break;

174 175 176 177 178
            case 'list-groups':
                reply = listGroups();
                break;

            case 'list-subs':
179
                if (request.has_param('group')) reply = listSubs(request.get_param('group'));
180 181 182
                break;

            case 'list-threads':
183 184 185
                if (request.has_param('sub')) {
                    if (request.has_param('count')) var count = request.get_param('count');
                    reply = listThreads(request.get_param('sub'), count || settings.page_size, request.get_param('after'));
186 187 188
                }
                break;

189
            case 'get-newest-message-per-sub':
190 191 192 193 194
                if (request.has_param('group')) reply = getNewestMessagePerSub(request.get_param('group'));
                break;

            case 'get-thread-list':
                if (request.has_param('sub')) reply = getThreadList(request.get_param('sub'));
195 196
                break;

197 198
            default:
                break;
199

200
        }
201

echicken's avatar
echicken committed
202
    }
echicken's avatar
echicken committed
203

204 205
}

206
if (!replied) {
207 208 209 210
    reply = JSON.stringify(reply);
    http_reply.header['Content-Type'] = 'application/json';
    http_reply.header['Content-Length'] = reply.length;
    write(reply);
211 212 213
}

reply = undefined;